Closed seivan closed 1 year ago
marzent
commented
1 year ago That is a problem IINACT can do nothing about, if it is missing capture permissions…
ChmodBPF should be able to fix that though. You can also check if permissions are set correctly for /dev/bpf* before running.
seivan
commented
1 year ago @marzent I did. As I said, it had capture permissions before and I guess it no longer has them. Reinstalling ChmodBPF didn’t fix it. Reinstalling XIVMac, .net installers, bunnyHD and etc didn’t fix it either.
Have you tested on the latest Ventura update? Came out a few days ago. Maybe it changed something significant beyond permissions?
marzent
commented
1 year ago Capture permissions on BSD like systems are user based, no amount of reinstalling will fix that. It might be that the mechanism ChmodBPF used is broken in 13.1; Wireshark will not work as well I would honestly just open an issue there, since they maintain it.
I will close this issue since that error string comes directly from native libpcap (maybe Apple botched it in 13.1 who knows). Either way there is literally nothing IINACT can do to alleviate the issue.
Would still be interesting to know what the underlying issue is, feel free to keep this updated.
seivan
commented
1 year ago Capture permissions on BSD like systems are user based, no amount of reinstalling will fix that. It might be that the mechanism ChmodBPF used is broken in 13.1;
This is what I mean. I went from it working, to closing FFXIV, installing update, to not working in matter of minutes. So whatever happened in the update broke it.
Now, my initial guess was the user permissions got altered and/or login items were removed. I checked the ChmodBPF installation package to see what shell script it runs (and yes, it does create groups and alter permissions) so I reran it. And it's still broken.
And you were right @marzent https://gitlab.com/wireshark/wireshark/-/issues/18734 as the last comment indicates that the problem is there. It is permission related.
The temporary solution is to run "sudo /Library/Application\ Support/Wireshark/ChmodBPF/ChmodBPF"
Can you tell me how that fits in with IINACT and XIVOnMac? When & How is ChmodBPF launched and can I intercept that and add a sudo?
I am using this; https://github.com/marzent/ffxiv-on-mac/raw/main/ChmodBPF/Install%20ChmodBPF.pkg
And that seems to be quite old(?) - what's the difference between that and the brew version which is more up to date https://formulae.brew.sh/cask/wireshark-chmodbpf ?
marzent
commented
1 year ago I don’t believe there is much of a difference between the versions but haven’t been following its development, the version in the repo was just a snapshot of the package at that time; will update to 13.1 next week and investigate a bit, but good to know that they are already aware there is an issue.
marzent
commented
1 year ago ChmodBPF only needs to run once btw and will set up launchd to alter the bpf device permissions on boot
seivan
commented
1 year ago @marzent So Peter Wu had the solution
sudo launchctl unload '/Library/LaunchDaemons/org.wireshark.ChmodBPF.plist'
sudo launchctl load '/Library/LaunchDaemons/org.wireshark.ChmodBPF.plist'
Works again!
Keep in mind that that is somehow not the same thing that occurs as disabling and then enabling this
I unloaded it, and it was still there, and enabled under login items.
Anyway, could be worth pinning or documenting this somehow for others who get the same problem, which they will when they update. Will happen to anyone who uses Wireshark but I am guessing most XIV users aren't developers and won't know how to search and debug.
As usual, thanks for your work and current help! Much obliged.
marzent
commented
1 year ago @seivan this was actually an issue with how apple checked code signatures during boot and it is fixed with 13.2
It worked on Ventura before, but recent macOS update broke it. If the update has reset things (and these things are known) what do I need to reset to make it work again, or will it require an IINACT update?